TechJunkie is a BOX20 Media Company

Home Web The Mysterious 1e100.net

The Mysterious 1e100.net

The Mysterious 1e100.net

If you are the type of tech junkie who likes to dig into your Internet access logs to look at your incoming and outgoing Internet connections, you may have noticed that the domain “1e100.net” pops up once in a while, seemingly without rhyme or reason. In some instances you may even have a persistent connection to 1e100.net, even as soon as you start your computer.

What on Earth is 1e100.net? Well, if you are enough of a math geek, you know that the “e” symbol stands for exponentiation, and “1e100” means 1×10 to the 100th power. That’s a big number…in fact, it’s a number so large that it’s called a “googol” – a one followed by 100 zeroes. Hmmm, googol, googol…what’s familiar about that word? Ah yes – it sounds just like Google. And that’s because Google is named after googol, and 1e100.net is one of Google’s domains. A WHOIS lookup for that domain reveals it’s owned by them.

Because many power users aren’t aware of this connection, their first reaction upon seeing 1e100.net pop up in in a network management program, such as a software-based firewall, is to block it because they don’t know what it is. It further freaks people out if it shows up as a persistent connection that they can’t get rid of. However, it is a perfectly harmless connection and there’s no need for panic. The 1e100.net domain will never show up by itself. It will always be a subdomain such as server-name.1e100.net.

Instances where you will see the 1e100.net connection

(By “see” I mean viewing from a network utility that can closely monitor all network requests.)

Any web page that has embedded YouTube video

For YouTube itself (a Google property) or any other web site that has a YouTube video embedded in it, 1e100.net will show up even if the video isn’t loaded. When the Flash player first launches it makes a request to YouTube for the video thumbnail image and therefore sends a request to 1e100.net for that data.

Firefox “safe browsing”

This feature by default is enabled and uses a Google server to check web sites you load to see if they’re in the “bad” list.

This is located from Tools / Options / Security:

image

The two checkboxes “Block reported attack sites” and “Block reported web forgeries” enable Firefox to check every single web site you load against the “bad” list Google has.

Uncheck these two boxes if you don’t want where you surf to be checked against the Google list.

If you want to see the actual configuration data for this, load the address about:config in Firefox, then search for safebrowsing, like this:

image

You don’t have to necessarily do anything here, but if you wanted to know “How much Google is in my Firefox?”, there’s your answer.

Google Earth / Google Updater

Both Earth and Updater (which Earth installs by default) will make connections to 1e100.net to check for updates.

You can instruct Updater not to do that if so desired.

Other places?

As far as I’m aware, the three above instances are where you will see 1e100.net appear. Now that you’re aware what it is and its purpose, you now know it’s not spyware or malware. It’s Google. Using a weird domain because.. um.. well.. it’s a long story and we’ll leave it at that. :)

How To Use Realtek HD's Loudness Equalization For Easy Volume Control

Read Next 

27 thoughts on “The Mysterious 1e100.net”

Basil says:
July 10, 2022 at 5:11 pm
I don’t mind if my data is being collected. It’s what they are doing with it after the fact and not saying or being honest about that I have a real problem with. The NSA and other agencies are supposed to be protecting people. We are supposed to be able to trust you government. They are supposed to stand behind our justice system. I think most people would understand the data collection if we could trust that it isn’t being mishandled and information misused because that’s what I’m seeing. And it may be Google but it is not entirely true that nothing nefarious is going on, so don’t be duped into believing that. It’s a shame but that’s the truth. And I’m no longer afraid to say so because it’s time for people to demand that someone stand by their terms of service and our data not be misused and people not be targeted. The World is in a dark place. No reason to simply believe what anyone tells you anymore. If that’s not obvious to you yet, you better wake up.
Gina OShell says:
May 3, 2021 at 12:02 pm
If you look up the longitude and latitude coordinates from the IP address information, you are able to obtain the property owner’s name. But it’s not google, LLC, as you would expect it to be! The property is owned by the City of Mountain View. I can’t imagine Google doesn’t own its own land and buildings where it’s servers are housed, as they would want to take full opportunity of any depreciation for tax purposes ?? So Whom is watching Who??
aurorum says:
January 10, 2019 at 6:36 am
dont think youre in a position to control your privacy without external firewalls and a whole lot of monitoring and paranoia. as UEFI gets more and more developed and more overlooked as just a bios replacement more and more people will forgot or not know that it is a middleman os and doeant srop after it boots your os. it has full admin access to hardware, data on hardware and can make connections to the internet to servers like these to report or upload malicious or illicit content that it has detected. also, ita already hacked by a russian group named something bear and that is why mobo native wifi is cancer. also the open source altenatives exist for uefi but i have not tried them yet. afraid of bricking my dual bios mobo lol. so really, my point is your computr siftwarunning in layers below your os can do things without you knowing. without your os software firewall knowing. thus is the age the non paranoid or the apathetic have left us.
helpful_zombie says:
June 1, 2019 at 10:11 pm
since when did fancy bear hack the entirety of uefi?
Bali Bebas! says:
November 14, 2018 at 9:20 am
Great little post here. If you’re on an Android device you may detect and block this domain using NetGuard, an open source firewall for Android (available on F-Droid). Based on profiling on EMUI I saw connection attempts to 1e100 for services such as “Google Backup Transport”, “Google Play services” and “1021” (GPS daemon). I’d have personally blocked this domain sooner but I’ve only been using Android for a few months and only recently became aware of NetGuard.
John says:
November 12, 2018 at 6:12 pm
ummm, you guys are still blind, deaf and dumb. The registrant is located in Bluffdale Utah which IS the NSA Data Center. They run everything through the 1e100 as well as Akamai to make it hard for you to block it using wildcard filters. You CAN just block the bluffdale list. And the servers will fallback to other non-nsa servers. This is also why the pentagon and google have got together for delivering data recently.
helpful_zombie says:
June 1, 2019 at 10:15 pm
other things than the nsa data center are allowed to be located in bluffdale. for example: my house

they don’t do it to make it hard for you to block, they do it to prevent xss and to assign hostnames to their multiple ip addresses.

source: https://support.google.com/faqs/answer/174717

Cotton_balls_007 says:
October 4, 2021 at 3:24 am
I don’t know if we’re all just geeking, googling or Google Eyed I’m going to contact Paul Harvey by way of Jodie Foster cuz if ain’t nobody after there’s an awful lot of waste of space.
androidhacked says:
October 20, 2018 at 9:08 pm
I wish you had the time to dig deeper a little bit more because markmonitor is not just the registrar of that address (le100.net) but its also rigistered with gstatic which is a intrusive dangerous virus that gets pass any anti virus ware, malware, etc… Detection…. I found out by firefox extensions called no script 10.1. This extension reveals scripts running on websites you look at. I looked up all the websites (scripts) that was running on my pages i was looking at, even key locked pages and gstatic.com will always pop up. I think you was getting close because (le100.net) (gstatic) both registrar is mark monitor who i THINK is descizing or hiding behind being registered to google. My phone is currently hacked by gstatic and i looked up their ip which led me to this page. I tried everything but no antivirus apps can remove this on an android phone. Any suggestions???
helpful_zombie says:
June 1, 2019 at 10:05 pm
gstatic isn’t a virus — it’s google’s (notice the g in gstatic) static hosting site for all of their scripts and fonts. (also, markmonitor is just the company that registered gstatic, 1e100, etc. on behalf of google.) 9/10 times the reason you see it on random sites is because it uses fonts, scripts, or CSS styles from google. This is quite common, and is absolutely nothing to be scared of. You can see it on this page too — there’s a reCAPTCHA and some fonts, which are both hosted, at least partly, on gstatic.
Scott says:
July 10, 2017 at 7:49 am
Found this domain in my net logs and it had 2.9GB of data outbound to it in just 1 day. The data was coming from an iPhone connected via WiFi.
Leo says:
October 27, 2016 at 11:32 pm
By mass data collection makes it Harder to find the correct information. What it is this 1e100 doesnt represent scientific notion for a Google. Bc e= 2.718
Whst does it mean?
Giving in this situation I know that the integral of e is itself a partial differential operation. Do e= operator of the partial differential in question, with reference yo our initial integral.

Technically speaking GOOGLE COULD HAVE AN INFINITE VOLUME OF SPACE by utilizing this domain name properly. Its what sets an integral to start moving leads to imaginary numbers, Querteronians…..

My best guess is a SUPER WIFIMAXX COMPUTER OR “baby QUANTUM” computer using just Quibits FOR EXTRA COMPUTATIONAL POWER

no thanks says:
April 15, 2017 at 3:36 pm
Oh boy, way to go completely down the wrong path. 1e100 is 1*10^100, where “e” is just a convention for scientific notation. It is not related to the mathematical constant “e” that is the base of the natural logarithm.
Mikael Isaksson says:
January 1, 2016 at 2:10 am
Occasionally Fallout 4 crasches when changing area. Everytime that happens, and I don’t know if this is the cause or a respons to the crasch, but every time that happens, steam.exe sends several hundreds of megabyte to an adress such as this. But Fallout just become unresponsive and has to be forcibly shut down.
Drew says:
October 23, 2015 at 6:37 pm
Those interested can buy the 1e100.net away from google, it expires on: Registrar Registration Expiration Date: 2019-09-24T22:40:03-0700. Hmmm, I wonder if you could reserve it from the 25th of September and on….. >;)
no thanks says:
April 15, 2017 at 3:34 pm
That’s now how this works… there is zero chance they won’t continue to renew the domain.
Cybershield Cyberguard says:
July 15, 2015 at 5:46 pm
“ET ATTACK_RESPONSE Microsoft CScript Banner Outbound” being detected to f27.1e100.net and not entirely sure why the sig matches what Google is doing. 1e100.net shows registered to Google but Registrar is markmonitor.com who specializes in brand protection. Curious what is really going on but no time to dig deeper.
logoff says:
January 27, 2015 at 7:20 am
https://support.google.com/faqs/answer/174717?hl=en
jiamei says:
April 25, 2014 at 7:29 pm
using ie 11 and no network activity that I can see in network resource monitor
Tiago Paolini says:
January 13, 2013 at 1:48 pm
Just in case someone is interested, here is the official satement from Google about this domain:
http://support.google.com/bin/answer.py?hl=en&answer=174717
Michael says:
November 12, 2010 at 11:04 pm
> …it’s not spyware or malware. It’s Google…

Well, who says that Google isn’t spying on you anyway. Just because it’s Google doesn’t mean it’s can’t or won’t be used against you.

Randy says:
April 11, 2014 at 8:41 am
They are, Google tracks everything and every site.
Agua Loca SL says:
October 26, 2010 at 12:28 am
found 12 names for the MX servers for ESTAFADORES agualoca.es: TIMO gy-in-f27.1e100.net, alt1.aspmx.l.google.com, bw-in-f27.1e100.net, qy-in-f27.1e100.net, aspmx2.googlemail.com, iw-in-f27.1e100.net, aspmx.l.google.com, pv-in-f27.1e100.net, aspmx3.googlemail.com, aspmx4.googlemail.com, ww-in-f27.1e100.net, and alt2.aspmx.l.google.com. (A single machine may go by more than one hostname. All of them are shown.)
d0ug says:
October 4, 2010 at 1:02 am
you will see that domain when you start firefox… you know.. the default google search page that loads when you first start google?
Jad says:
July 12, 2016 at 10:13 am
Forget Google, try DuckDuckGo. duckduckgo.com
Biswajit says:
August 9, 2010 at 4:07 pm
Well why actually google is using 1e100.net for is quite unknown, but i checked out the above link to find out, what is the link between google and 1e100
Jim Cooper says:
November 26, 2013 at 1:30 am
A ‘google’ is the name for the number that is one with 100 zeros… similar to Tera .. and Mega … we’re just not used to dealing with numbers quite that big … YET ..
mxm says:
June 18, 2010 at 11:16 am
You can see the 1e100.net also if you 'ping http://www.google.com'(and of course by using nslookup/dig but that's geeky stuff ;-)
TechnoShaman says:
December 16, 2012 at 3:44 pm
PING showed me nothing of the sort. I think you mean to say, “Do a TRACEROUTE”, as in
tracert http://www.google.com
(leave off the http:// stuff, it is not the proper syntax for this)
which for me leads to a series of anonymous servers along the path… rather odd.
For those unfamiliar with this “geeky stuff”, these are DOS-like commands you use in a Command Window in Windows: CMD.EXE followed by TRACERT and the NAME or ADDRESS you wish to inquire about, which does not have to be an http type name or address:
tracert google.com
works just fine (but checks a slightly different address).

Regards, etc.

no thanks says:
April 15, 2017 at 3:32 pm
It’s POSIX, not DOS…
N0ah says:
June 18, 2010 at 5:11 am
i'm also getting this for port 993 (i think it's an imap thing or something as i'm usinng google for email hosting and stuff)
Oliver Slay says:
April 30, 2010 at 3:19 pm
GoogleMail, Blogger, GTalk … all appear to open connections to 1e100 …
confi says:
March 13, 2010 at 12:10 am
ekrn.exe (nod32 antivirus) keeps connecting to 1e100…

ekrn.exe:296 TCP 192.168.*.*:* 74.125.127.147:80 ESTABLISHED

74.125.127.149 resolves to
“pz-in-f149.1e100.net”
Top Level Domain: “1e100.net”
Country IP Address: UNITED STATES

Jim Cooper (of course) says:
November 26, 2013 at 1:27 am
I wonder who has the job of dreaming up all the sub-domain and sub-sub-domain names to use with 1e100.net … : ))
helpful_zombie says:
June 1, 2019 at 10:08 pm
First of all, they’re randomly generated. Second of all, there is no sub-sub domains.
Nick says:
February 12, 2010 at 6:33 pm
You’re right that the googol has one hundred zeros but your scientific notation is off. 10*10^100 is 1e101, whereas a googol is 1*10^100 (or just 10^100 or 1e100).
doesprivacyexist says:
January 30, 2010 at 3:38 pm
haha Googol. officially it’s caching or attack site verification (a “service”, but personally i think it’s to collect info on habbits… Cheaper then phoning ppl for inquiries and big money it is. Yet nobody hangs up when google is phoning you ;)… Stange. Anyhow if you’re up to it: Best learn about how to get rid of flash cookies and read about unique id’s, afterwards never visit google, youtube, etc… (yes they are the same) Don’t forget to also set search bar to something different then google too if using firefox. Maybe check out http://www.scroogle.org/cgi-bin/scraper.htm :-)

As a final note, I want to mention, if it will not be google, it will be another. Get used to it or don’t use internet

toddboyle says:
January 27, 2010 at 4:35 pm
OK thanks for all the information.

Where can I get a utility to BLOCK GOOGLE EVERYTHING?

How hard is that. Sheesh. GIVE ME THE UTILITY.

DOna says:
March 15, 2018 at 12:29 am
SterJo NetStalker will block the connection attempts from the 1e100 remote host unless you update the policy file to mark it acceptable. So far I have not marked this one Accept in the policy file, with no problems being caused that I can detect. NetStalker notifies me of the address that was blocked and I have the option to “resolve host” to see who owns the address. All connections are shown in the daily log and a daily history of GB received and sent and number of blocked attempts. There is a premium version that saves a detailed daily log of connections – or some such additional feature – but I use the freebie. Pretty cool – maybe some people don’t know about it.
Mel says:
January 24, 2010 at 11:16 am
Excellent information….I agree with Jase. Sadly, its becoming harder to stay one step ahead of the unethical.
Jase says:
January 21, 2010 at 8:44 am
is google the new microsoft?

first we had microsft everything, now it’s google everything.

Rich Menga says:
January 21, 2010 at 1:31 pm
You are definitely not the first person to say that. :)
José says:
November 9, 2014 at 4:30 am
Microsoft still charges for his operative system / office suit. Still doesn’t release it’d code.
aaa says:
April 4, 2015 at 5:16 pm
Neither does Google, and it charges by putting ads everywhere

Leave a Reply

Your email address will not be published. Required fields are marked *


Adam

Nov 6, 2018

643 Articles Published

You May Like

better hdr in windows
WEB

Ways to Get a Better HDR Experience in Windows 11
Kerry Bayley

Nov 6, 2024
3 mins read
spellcheck isn’t working in word
MICROSOFT WORD

Spellcheck Isn’t Working in Word – 5 Fixes
Kerry Bayley

Nov 1, 2024
3 mins read
Excel Sharing Violation Error
MICROSOFT EXCEL

Steps for Fixing the Microsoft Excel Sharing Violation Error
Kerry Bayley

Oct 25, 2024
3 mins read
how to view .pages files in windows
MICROSOFT WORD

How to View .pages Files in Windows
Kerry Bayley

Oct 16, 2024
3 mins read
roblox error codes
WEB

5 Most Common Roblox Error Codes Explained (And How to Fix Them)
Kerry Bayley

Oct 11, 2024
3 mins read
                             

More

the network path was not found in windows the network path was not found in windows
SECURITY
How to Fix Error 0x80070035 The Network Path Was Not Found in Windows
Kerry Bayley

Nov 8, 2024
3 mins read
can’t open jpg in windows can’t open jpg in windows
WINDOWS 10
Can’t Open JPG Files in Windows – Six Fixes to Try
Kerry Bayley

Oct 30, 2024
3 mins read
locked out of bios in windows locked out of bios in windows
WINDOWS 10
Five Fixes When You’re Locked out of Bios on Windows
Kerry Bayley

Oct 23, 2024
3 mins read

More

Zoom How to Change Name
ZOOM

How to Change Your Name in Zoom
Kerry Bayley

May 31, 2021
3 mins read
AMAZON.COM

How To Filter By Color in Google Sheets
Robert Hayes

Jan 15, 2020
3 mins read

Copyright @2024 TechJunkie

Copyright @2024 TechJunkie